Top Tips Of Avant-garde NSE5_FSM-5.2 Dumps

NEW QUESTION 1
To determine SNMP discovery issues, which is the best command from the backend?

• A. snmpwalk
• B. phSNMPTest
• C. snmptest
• D. ssh

Answer: A

NEW QUESTION 2
What are the minimum memory requirements for the FortiSIEM supervisor virtual appliance, when the proprietary flat file database is used?

• A. 16GB RAM
• B. 32GB RAM
• C. 64GB RAM
• D. 24GB RAM

Answer: D

NEW QUESTION 3
In the rules engine, which condition instructs FortiSIEM to summarize and count the matching evaluated data?

• A. Time Window
• B. Aggregation
• C. Group By
• D. Filters

Answer: B

NEW QUESTION 4
In the advanced analytical rules engine in FortiSIEM, multiple subpatterms can be referenced using which three operation?(Choose three.)

• A. ELSE
• B. NOT
• C. FOLLOWED_BY
• D. OR
• E. AND

Answer: ABE

NEW QUESTION 5
Refer to the exhibit.

What do the yellow stars listed in the Monitor column indicate?

• A. A yellow star indicates that a metric was applied during discovery, and data has been collected successfully
• B. A yellow star indicates that a metric was applied during discovery, but data collection has not started
• C. A yellow star indicates that a metric was applied during discovery, but FortiSIEM is unable to collect data.
• D. A yellow star indicates that a metric was not applied during discovery and, therefore, FortiSEIM was unable to collect data.

Answer: B

NEW QUESTION 6
Which three ports can be used to send Syslogs to FortiSIEM? (Choose three.)

• A. UDP9999
• B. UDP 162
• C. TCP 514
• D. UDP 514
• E. TCP 1470

Answer: CDE

NEW QUESTION 7
To determine whether or not syslog is being received from a network device, which is the best command from the backend?

• A. tcpdump
• B. phDeviceTest
• C. netcat
• D. phSyslogRecorder

Answer: A

NEW QUESTION 8
Which two FortiSIEM components work together to provide real-time event correlation?

• A. Collector and Windows agent
• B. Supervisor and worker
• C. Worker and collector
• D. Supervisor and collector

Answer: D

NEW QUESTION 9
Refer to the exhibit.

If events are grouped by Reporting IP, Event Type, and user attributes in FortiSIEM, how ,many results will be displayed?

• A. Seven results will be displayed.
• B. There results will be displayed.
• C. Unique attribute cannot be grouped.
• D. Five results will be displayed.

Answer: D

NEW QUESTION 10
Refer to the exhibit.

How was the FortiGate device discovered by FortiSIEM?

• A. Through GUI log discovery
• B. Through syslog discovery
• C. Using the pull events method
• D. Through auto log discovery

Answer: A

NEW QUESTION 11
Which command displays the Linux agent status?

• A. Service fsm-linux-agent status
• B. Service Ao-linux-agent status
• C. Service fortisiem-linux-agent status
• D. Service linux-agent status

Answer: C

NEW QUESTION 12
Which FortiSIEM components are capable of performing device discovery?

• A. FortiSIEM Windows agent
• B. Worker
• C. FortiSIEM Linux agent
• D. Collector

Answer: D

NEW QUESTION 13
Refer to the exhibit.

A FortiSIEM administrator wants to collect both SIEM event logs and performance and availability metrics (PAM) events from a Microsoft Windows server
Which protocol should the administrator select in the Access Protocol drop-down list so that FortiSIEM will collect both SIEM and PAM events?

• A. TELNET
• B. WMI
• C. LDAPS
• D. LDAP start TLS

Answer: A

NEW QUESTION 14
......